From: Shivani Baranwal <quic_shivbara@quicinc.com>
Date: Tue, 7 Dec 2021 08:25:24 +0000 (+0530)
Subject: SAE: Make sure BSS entry is available to determine RSNXE information
X-Git-Tag: hostap_2_10~21
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3f8c83a65e3b55c82cea732f4c0bd0137767806b;p=thirdparty%2Fhostap.git

SAE: Make sure BSS entry is available to determine RSNXE information

wpa_supplicant may use wrong SAE authentication method if it doesn't
have the scan result for the target BSS since RSNXE information is not
available.

For example, STA might use the hunting-and-pecking loop method for SAE
authentication even though AP supports SAE H2E and STA is configured
with sae_pwe=2.

This is possible in cases like EXTERNAL_AUTH triggered by the driver
during roaming. To avoid this update scan results to fetch the target
BSS scan result from the driver.

Signed-off-by: Shivani Baranwal <quic_shivbara@quicinc.com>
---

diff --git a/wpa_supplicant/sme.c b/wpa_supplicant/sme.c
index 7f28708de..1dc7001a7 100644
--- a/wpa_supplicant/sme.c
+++ b/wpa_supplicant/sme.c
@@ -137,6 +137,12 @@ static struct wpabuf * sme_auth_build_sae_commit(struct wpa_supplicant *wpa_s,
 	}
 
 	bss = wpa_bss_get_bssid_latest(wpa_s, bssid);
+	if (!bss) {
+		wpa_printf(MSG_DEBUG,
+			   "SAE: BSS not available, update scan result to get BSS");
+		wpa_supplicant_update_scan_results(wpa_s);
+		bss = wpa_bss_get_bssid_latest(wpa_s, bssid);
+	}
 	if (bss) {
 		const u8 *rsnxe;